<!DOCTYPE html>
<html xmlns:th="http://www.thymeleaf.org" xmlns:sec="http://www.thymeleaf.org/thymeleaf-extras-springsecurity3">
    <head>
        <title>Thymeleaf - WebSecurity</title>
        <meta charset="utf-8" />
        <link rel="stylesheet" href="css/main.css" th:href="@{/css/main.css}" />
    </head>
    <body>
        <div th:fragment="logout" class="logout"
             sec:authorize="isAuthenticated()">
            Logged user: <span sec:authentication="name">Bob</span> |
            Roles: <span sec:authentication="principal.authorities">[ROLE_USER, ROLE_ADMIN]</span> |
            <!--/* When using CSRF this needs to be a POST */-->
            <form th:action="@{/logout}" method="post" style="display:inline"><input type="submit" value="Logout"/></form>
        </div>
        <h1>Thymeleaf - WebSecurity</h1>
        <p>This is a demo of Thymeleaf and Spring-Security integration.</p>
        <h2>Private pages</h2>
        <p>This is a public page, but you can navigate to protected pages to trigger authentication.</p>
        <ul>
            <li>Go to <a href="admin/index.html" th:href="@{/admin/index.html}">administration zone</a> (only admins)</li>
            <li>Go to <a href="user/index.html" th:href="@{/user/index.html}">user zone</a> (only users)</li>
            <li>Go to <a href="user/index.html" th:href="@{/shared/index.html}">shared zone</a> (both users and admins)</li>
        </ul>
        <h2>Exception handling</h2>
        <ul>
            <li>You can <a href="error.html" th:href="@{/simulateError.html}">simulate an exception</a> to see custom ErrorPage.</li>
        </ul>
    </body>
</html>
